Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

error code ssl_error_no_cypher_overlap issue not colve by any "forum" offered solution. Why won't someone from Mozilla reply?

  • 3 replies
  • 3 have this problem
  • 27133 views
  • Last reply by James

more options

About half of my web links are blocked withe the ssl_error_no_cyper_overlap. Forum solutions o f changing integers in *.tls is not working to fix the problem.

Chosen solution

You usually do not need to change any settings because all of the ciphers Firefox can use are already enabled. Let's check your settings:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

(2) In the search box above the list, type or paste TLS and pause while the list is filtered

Do any of the preferences starting with security.tls have a non-default value (bolded and indicates "modified")? To restore a setting back to its default, right-click the setting and choose Reset.

(3) In the search box above the list, type or paste SSL3 and pause while the list is filtered

Firefox should display about 15 lines starting with security.ssl3

If any of the preferences is bolded and "modified" to false, double-click it to restore the default value of true EXCEPT

You can block these two to improve your security (double-click to switch them from true to false):

  • security.ssl3.dhe_rsa_aes_128_sha
  • security.ssl3.dhe_rsa_aes_256_sha

(Assuming the Preference column is alphabetical, these usually would be at the top. They are related to the Logjam vulnerability.)

Does that change anything?

Read this answer in context 👍 2

All Replies (3)

more options

Chosen Solution

You usually do not need to change any settings because all of the ciphers Firefox can use are already enabled. Let's check your settings:

(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.

(2) In the search box above the list, type or paste TLS and pause while the list is filtered

Do any of the preferences starting with security.tls have a non-default value (bolded and indicates "modified")? To restore a setting back to its default, right-click the setting and choose Reset.

(3) In the search box above the list, type or paste SSL3 and pause while the list is filtered

Firefox should display about 15 lines starting with security.ssl3

If any of the preferences is bolded and "modified" to false, double-click it to restore the default value of true EXCEPT

You can block these two to improve your security (double-click to switch them from true to false):

  • security.ssl3.dhe_rsa_aes_128_sha
  • security.ssl3.dhe_rsa_aes_256_sha

(Assuming the Preference column is alphabetical, these usually would be at the top. They are related to the Logjam vulnerability.)

Does that change anything?

more options

You can check the connection settings.

  • Options/Preferences -> General -> Network: Connection -> Settings

If you do not need to use a proxy to connect to internet then try to select "No Proxy" if "Use the system proxy settings" or one of the others do not work properly.

See "Firefox connection settings":

Try to reset (power off/on) the router.

more options

frustatedbeyond said

This problem is a Mozilla bug introduced in the last update.

From your duplicate thread. No this has not been due to any very recent Firefox versions or updates.

https://blog.mozilla.org/security/2015/09/11/deprecating-the-rc4-cipher/ https://www.fxsitecompat.com/en-CA/docs/2016/rc4-support-has-been-completely-removed/

The RC4 support has been deprecated since Firefox 36 and disabled by default since Firefox 44. As a temporary workaround, the users could still enable it via hidden preferences in case some intranet applications were not updated yet. After a 1-year grace period, Firefox 50 has removed the ability to override the preferences so now the RC4 support is completely dropped. This follows Google Chrome 53 released in August which took the same security measure. From now on Firefox will just show the SSL_ERROR_NO_CYPHER_OVERLAP error when encountered any site using the RC4 cipher.

In older versions mentioned the Preference is security.tls.unrestricted_rc4_fallback to be set as true

Modified by James